Firewall Wizards mailing list archives
Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem )
From: "Paul D. Robertson" <proberts () patriot net>
Date: Mon, 26 Aug 2002 09:15:15 -0400 (EDT)
On Mon, 26 Aug 2002, B. Scott Harroff wrote:
loss. Commensurate discipline would be a slap on the hand. If Jim surfs to a porn site (often) and Jane who sees this feels sexually ofended and harassed, and the company does not follow up with stopping folks like Jim, the company could face a embarrasing and expensive law suit....
Actually, I think it's not necessarily good to stop "folks like Jim-" the "bad apple" defense means you *must* stop Jim once he's reported. However, if you put in a mechanism and it has flaws, you could be more liable for the things that get through than you are if you don't try. Suddenly you've placed yourself in the position of an editor, and legally, not trying and not failing is different than trying and failing.
Agreed on both counts. Not taking action can be very expensive though.....
As important as taking action is *when* you take action- and preemptive strikes can cost you in court where post-event action won't. About the only preemptive action that seems to have not landed anyone in hot water is training. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions proberts () patriot net which may have no basis whatsoever in fact." probertson () trusecure com Director of Risk Assessment TruSecure Corporation _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) Crispin Harris (Aug 21)
- RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) R. DuFresne (Aug 22)
- Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) B. Scott Harroff (Aug 22)
- Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) Adam Shostack (Aug 23)
- Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) B. Scott Harroff (Aug 23)
- Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) Dave Piscitello (Aug 25)
- Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) B. Scott Harroff (Aug 26)
- Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) Paul D. Robertson (Aug 26)
- Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) B. Scott Harroff (Aug 26)
- Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) Paul Robertson (Aug 26)
- Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) R. DuFresne (Aug 26)
- Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) B. Scott Harroff (Aug 22)
- Message not available
- Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) Dave Piscitello (Aug 26)
- RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) R. DuFresne (Aug 22)
- Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) Paul D. Robertson (Aug 26)
- Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) R. DuFresne (Aug 25)
- <Possible follow-ups>
- RE: Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) Kalat, Andrew (ISS Atlanta) (Aug 22)
- Re: Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) B. Scott Harroff (Aug 22)
- RE: Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) Kalat, Andrew (ISS Atlanta) (Aug 22)